Commit Graph

1278 Commits

Author SHA1 Message Date
Paul Fultz II 7d9fdf582b
Fix 10121: False positive: Condition 'ab->a!=123' is always false when modifying an alias (#3293) 2021-08-01 10:10:11 +02:00
Paul Fultz II 6767b57d4c
Fix FP for symbolic values when the expression is not const (#3370) 2021-07-31 14:19:37 +02:00
Paul Fultz II 3a7ba3cd29
Add symbolic values to ValueFlow (#3367) 2021-07-30 21:29:35 +02:00
Paul Fultz II 6a81b4c17c
Fix 10264: FP invalidContainer when address of container is passed inside struct (#3368) 2021-07-30 15:52:00 +02:00
Paul Fultz II 737b6199ba
Refactor: Allow parse to return multiple values for a condition (#3361) 2021-07-26 22:23:19 +02:00
Paul Fultz II c34691ff56
Fix 10354: FP knownConditionTrueFalse after bitwise and/xor (#3360) 2021-07-26 22:22:50 +02:00
Paul Fultz II 84ea0a2295
Refactor: Remove extra analysis of container sizes in conditions (#3357) 2021-07-25 18:14:51 +02:00
Paul Fultz II 5be3f700bb
Fix 10373: ValueFlow: container in struct assumed empty (#3355) 2021-07-25 18:13:55 +02:00
Paul Fultz II 8e416a7255
Fix issue 10379: FP knownConditionTrueFalse with mod operator (#3354) 2021-07-25 18:13:14 +02:00
Paul Fultz II 00eb71fd49
Remove constexpr -> const simplification (#3346) 2021-07-22 07:22:26 +02:00
Paul Fultz II 8efe1d4ab4
Find reference to dangling unique ptr (#3344) 2021-07-20 21:30:27 +02:00
Daniel Marjamäki dd34d1c123 CI; Fix Cppcheck self-check, pointer can be const 2021-07-20 11:21:47 +02:00
orbitcowboy 1be5bb8bbc Running astyle [ci skip] 2021-07-18 10:01:22 +02:00
Paul Fultz II 59a1c1a9d8
Refactor: Remove variable analyzer (#3339) 2021-07-18 07:46:31 +02:00
orbitcowboy 3f1e937ea1 Running astyle [ci skip] 2021-07-17 08:19:04 +02:00
chrchr-github 8cd8b9c64e
Fix MSVC build and some warnings (#3334) 2021-07-16 21:55:12 +02:00
Paul Fultz II 942202aede
Evaluate container sizes in forward analysis (#3338) 2021-07-16 18:49:07 +02:00
Daniel Marjamäki 56924643be Fixed #10347 (ValueFlow: No known value set for sizeof(a[0])) 2021-07-08 18:18:44 +02:00
Armin Müller fc90598077
Typos found by running "codespell" (#3324) 2021-07-02 17:41:51 +02:00
Daniel Marjamäki 1a5449cbeb Fixed #10327 (ValueFlow; Wrong Uninit value in called function) 2021-07-01 22:08:00 +02:00
Daniel Marjamäki 2a2e071a85 Tokenizer::simplifyAttribute; Set function attribute for function pointer 2021-06-26 14:23:39 +02:00
Paul Fultz II 66956ed959
Fix 10323: Wrong known value. x!=0 does not mean that x==1 (#3308) 2021-06-26 09:16:45 +02:00
Paul Fultz II 508188df2b
Fix 10297: Regression; ValueFlow known value, sign conversion (#3307) 2021-06-26 09:16:04 +02:00
Daniel Marjamäki 769b20b426 ValueFlow: Clarify note when impossible value is assigned (#10297) 2021-06-24 17:10:06 +02:00
Daniel Marjamäki 2d08564c8a astyle formatting 2021-06-19 14:47:35 +02:00
Paul Fultz II dd178c3ad9
Fix 10314: Possible nullPointerRedundantCheck false positive (#3298) 2021-06-19 13:59:48 +02:00
Paul Fultz II f55a4563f9
Fix 10308: danglingTemporaryLifetime confused by function parameter (#3292) 2021-06-09 09:21:03 +02:00
Paul Fultz II f3a33ea330
Fix 10294: ValueFlow: Wrong <Uninit> value below loop (#3291) 2021-06-09 09:20:43 +02:00
orbitcowboy 195d413986 Running astyle [ci skip] 2021-06-05 08:53:15 +02:00
Paul Fultz II f90b05ea7c
Show lifetime kind in output (#3285) 2021-06-04 21:41:30 +02:00
Paul Fultz II 668b88d7c0
Fix 10284: False positive; valueFlowBeforeCondition does not seem to care about increment (#3287) 2021-06-04 21:40:57 +02:00
Paul Fultz II a14922ed85
Fix 10238: FP knownConditionTrueFalse std::string from const char* assumed non-empty (#3288) 2021-06-04 17:22:05 +02:00
Paul Fultz II 537fb5bcd9
Fix 10264: FP invalidContainer when address of container is passed inside struct (#3286) 2021-06-04 17:20:47 +02:00
Paul Fultz II 486e440c4a
Fix 10298: ValueFlow: Wrong known value, 'x == -1' implicit unsigned cast for rhs (#3277) 2021-06-04 17:17:41 +02:00
Paul Fultz II 95c872b1ec
Fix todo test for returning a dangling reference (#3284) 2021-06-04 17:15:39 +02:00
Paul Fultz II 548ec10824
Fix issue 10306: FP knownConditionTrueFalse with modulo result converted to bool (#3282) 2021-06-03 07:26:36 +02:00
Paul Fultz II ab50a75d8a
Fix 10289: ValueFlow; Wrong known value 'size_t - uint16_t > 0' (#3273) 2021-05-24 08:28:21 +02:00
Paul Fultz II 47a4144b47
Fix 10288: ValueFlow; False positives because of wrong known value when there is sign cast (#3268) 2021-05-23 10:20:29 +02:00
Paul Fultz II 8541e0503e
Fix 10290: false negative: container out of bounds (#3269) 2021-05-22 23:33:13 +02:00
Paul Fultz II c63aa2f2cc
Fix 10263: FP containerOutOfBounds when container is accessed via pointer (#3265) 2021-05-22 08:36:51 +02:00
Paul Fultz II 1e3ab460a3
Fix 10254: false positive: arrayIndexOutOfBounds in inline function (#3266) 2021-05-22 08:20:09 +02:00
Armin Müller c70b8793a3
Typos found by running "codespell" (#3251) 2021-05-19 11:49:19 +02:00
Paul Fultz II 4b11bb4ad3
10278: ValueFlow: Wrong known value, sign conversion (#3260) 2021-05-18 07:28:45 +02:00
Paul Fultz II eb96e4980e
Fix issue 10268: ValueFlow; Wrong value in for loop (#3257) 2021-05-15 08:39:20 +02:00
Daniel Marjamäki abb4200316 Fixed #10196 ("Unhandled char constant 'x'" with non-standard escape character) 2021-05-08 12:54:18 +02:00
Daniel Marjamäki 07c1f28035 astyle formatting 2021-05-01 07:35:03 +02:00
Paul Fultz II 31e3e4d87b
Fix issue 10086: false positive: (style) constVariable: Variable 'x' can be declared with const (#3219) 2021-04-30 17:47:08 +02:00
Daniel Marjamäki 04e9c13bc6 TemplateSimplifier; Better handling of c++17 fold expressions and c++20 concepts.
c++17 fold expressions are simplified to a __cppcheck_uninstantiated_fold__ if they are not instantiated.

c++20 concepts are skipped/removed by Cppcheck and these will be enforced by the compiler.
2021-04-20 15:40:25 +02:00
Paul Fultz II db5f00a16a
Fix issue 10214: FP: danglingTempReference doesn't account for reference lifetime extension (#3220)
* Fix issue 10214: FP: danglingTempReference doesn't account for reference lifetime extension
2021-04-19 14:20:29 +02:00
Paul Fultz II 563c9dd9cc
Fix issue 10208: FP: knownConditionTrueFalse in for loop with function that assigns by ref (#3198) 2021-04-18 21:42:27 +02:00
Paul Fultz II a772d652d8
Fix issue 9932: FP: containerOutOfBounds (#3217)
* Fix issue 9932: FP: containerOutOfBounds
2021-04-18 10:43:38 +02:00
Oliver Stöneberg 5a7e361442
run self-checks with standard set to C++11 (#3206) 2021-04-12 18:29:13 +02:00
Paul Fultz II 255f273c46
Fix issue 10088: ValueFlow: Array size, wrong known value (#3204) 2021-04-09 07:43:54 +02:00
Paul Fultz II e0f9627201
Fix issue 10226: FP: redundant condition or invalid iterator (#3195) 2021-04-06 11:04:37 +02:00
Paul Fultz II f605f71e49
Fix issue 10225: false positive: knownConditionTrueFalse (#3196) 2021-04-05 10:20:14 +02:00
Daniel Marjamäki 44f914eaee astyle formatting
ci skip
2021-04-04 18:20:32 +02:00
Paul Fultz II 182ae75290
Fix issue 10216: FP containerOutOfBounds with std::array initialized with = {} (#3190) 2021-03-31 22:07:54 +02:00
Oliver Stöneberg 9b974f1b8e
fixed Visual Studio warnings about shadowed members (#3191) 2021-03-31 22:07:20 +02:00
Paul Fultz II 5077663684
Fix issue 9979: false positive: containerOutOfBounds with conditional resize (#3136) 2021-03-30 14:02:28 +02:00
Paul Fultz II 9de976b243
Fix issue 10194: hang with followAllReferences() (#3189)
* Decrease depth faster when there is multiple returns
2021-03-30 11:22:56 +02:00
Daniel Marjamäki 42437277dc Update Copyright year 2021-03-21 20:58:32 +01:00
PKEuS 141d2ac215 Refactorization: Improved internal implementation of severity and certainty levels
Backported from LCppC.
2021-02-24 22:00:06 +01:00
PKEuS 6a811eec1c Refactorization: Removed unused functions 2021-02-17 22:44:03 +01:00
Daniel Marjamäki 0a71b52a87 Remove unused function 2021-02-11 19:27:36 +01:00
Daniel Marjamäki fbf63b932e astyle formatting
[ci skip]
2021-02-10 11:42:00 +01:00
Oliver Stöneberg 39c5274742
valueflow.cpp: optimized SingleValueFlowAnaylzer::isAlias() by avoidi… (#3051) 2021-02-10 08:18:21 +01:00
Paul Fultz II 0e871c178f
Fix issue 10141: Errors with ref assignment (duplicateValueTenary and knownEmptyContainer) (#3093) 2021-02-09 15:27:46 +01:00
Paul Fultz II cf8a5d9a22
Fix issue 10111: FP knownConditionTrueFalse (#3110) 2021-02-03 10:21:47 +01:00
Paul Fultz II 913dbeb8d8
Fix FP when inserting a range into a container (#3108) 2021-02-02 14:57:48 +01:00
Paul Fultz II e17d22eb87
Fix issue 10134: False positive: value is not known. Early return. (#3086) 2021-01-28 12:37:56 +01:00
IOBYTE 4e1ff86bb2
use nonneg int for varid and exprid (#3085) 2021-01-27 19:49:13 +01:00
Daniel Marjamäki 987c8a854e astyle formatting
[ci skip]
2021-01-25 22:51:50 +01:00
Paul Fultz II 0f8f207719
Remove valueFlowFwdAnalysis and update valueFlowAfterAssign to handle expressions (#3074) 2021-01-25 17:24:36 +01:00
Daniel Marjamäki 772b44d11a Fixed compiler warnings 2021-01-23 18:04:28 +01:00
Paul Fultz II c860de8565
Fix issue 8143: valueFlowCondition: before and inside while (#3045) 2021-01-23 17:52:01 +01:00
Paul Fultz II d80f2fb46f
Reapply f1cc3ad and fix performance regression (#3076) 2021-01-23 08:47:39 +01:00
orbitcowboy bb451ca289 Running astlye [ci skip] 2021-01-22 21:47:24 +01:00
Daniel Marjamäki 0fa89ff2ba Revert 14365ffc7 and f1cc3ada8, there was a performance regression 2021-01-22 10:51:46 +01:00
Daniel Marjamäki 14365ffc7c make a function static 2021-01-21 20:27:28 +01:00
Paul Fultz II f1cc3ada86
Refactor valueFlowTerminatingCondition to handle inner conditions and complex conditions (#3060) 2021-01-21 20:18:53 +01:00
Paul Fultz II d05acf3c41
Fix issue 10120: FP: containerOutOfBounds, regression (#3064) 2021-01-21 19:50:57 +01:00
Paul Fultz II 8b26ecbcdd
Extend ProgramMemory to handle expressions (#3069) 2021-01-21 19:49:37 +01:00
Paul Fultz II 25ada657da
Fix issue 9030: ValueFlow: Possible value after conditional assignment in for loop (#3059) 2021-01-18 10:12:07 +01:00
Paul Fultz II b571e9fe0b
Fix issue 10106: FP: nullPointerRedundantCheck (#3044) 2021-01-13 12:36:26 +01:00
Daniel Marjamäki 1858465bca astyle formatting
[ci skip]
2021-01-12 21:28:56 +01:00
Armin Müller 0de0a954d2
Typos found by running "codespell" (#3042) 2021-01-12 20:48:25 +01:00
Paul Fultz II b1c56d33ac
Fix issue 9133: Invalid iterator; vector::push_back, functions (#3008) 2021-01-11 18:47:38 +01:00
Paul Fultz II 678ee00fe9
Infer variables from conditions in valueFlowSubfunction (#3037) 2021-01-11 08:00:13 +01:00
Paul Fultz II a3617fe573
Fix issue 10102: False positive: knownConditionTrueFalse in for loop (#3038) 2021-01-11 07:56:16 +01:00
Daniel Marjamäki 707f1f2fbe ValueFlow: Fixed isEqual 2021-01-10 16:52:11 +01:00
Daniel Marjamäki 98c7c0af96 Fixed GCC compiler warnings 2021-01-10 15:27:42 +01:00
Daniel Marjamäki f493ce16b3 astyle formatting
[ci skip]
2021-01-10 14:46:19 +01:00
Paul Fultz II bc3f5554a4
Fix issue 8871: improve check: mismatching container size conditions (#2988) 2021-01-10 13:30:00 +01:00
Paul Fultz II c267d85640
Add generic valueflowBeforeCondition (#3001) 2021-01-08 22:55:04 +01:00
Oliver Stöneberg 96704c9971
fixed and enabled some more clang-tidy warnings (#3007) 2021-01-05 17:51:32 +01:00
Paul Fultz II e004731f1c
Fix issue 8650: ValueFlow: Track if pointer is created by '&' operator (#3011) 2021-01-05 16:56:38 +01:00
Paul Fultz II f0b5668436
Fix issue 9890: ValueFlow: known value not found (variable is changed in path that returns) (#3010) 2021-01-05 16:49:08 +01:00
Oliver Stöneberg d59abfd977
fixed clang-tidy warnings (#3006)
* clang_tidy.cmake: added clang-tidy-11 to list of executables to look for

* .clang-tidy: disabled warnings we are (currently) not interested in

* fixed clang-tidy warnings
2021-01-02 23:10:27 +01:00
Rikard Falkeborn d19454b935
Refactoring: Convert ValueType to enum class (#3005) 2021-01-02 09:30:00 +01:00
shaneasd 53734a3da1
Test for return address of reference (#2991) 2020-12-28 10:50:42 +01:00
orbitcowboy 38fc6f209d Running astye [ci skip] 2020-12-26 14:02:03 +01:00
Oliver Stöneberg 00071d09f6
split "valueFlowBailoutIncompleteVar" from more generic "valueFlowBailout" (#2976) 2020-12-26 13:48:22 +01:00
Daniel Marjamäki 8fcef7ad0d astyle formatting
ci skip
2020-12-25 08:58:12 +01:00
Paul Fultz II 7861aa00cf
Refactor afterCondition handlers into to seperate classes (#2975) 2020-12-24 20:07:46 +01:00
Paul Fultz II a770342593
Fix crash in getInitListSize (#2960) 2020-12-19 12:23:19 +01:00
Daniel Marjamäki 1744cbaf66 astyle formatting
[ci skip]
2020-12-19 08:56:46 +01:00
Paul Fultz II 626dcd0eba
Fix issue 10037: False positive when passing variables to functions by address (#2957) 2020-12-19 08:29:37 +01:00
Paul Fultz II b044f9ba96
Fix issue 9996: false negative: containerOutOfBounds with std::vector::front() and c++11 braced initializer (#2958) 2020-12-18 07:14:11 +01:00
Paul Fultz II 904d52acac
Fix issue 10004: ValueFlow: pointer value, wrongly set known value (#2931) 2020-12-03 07:15:31 +01:00
IOBYTE 43ce1607c7
fix a large number of valgrind warnings in testrunner (#2920)
Co-authored-by: Robert Reif <reif@FX6840>
2020-11-24 18:21:07 +01:00
Daniel Marjamäki 5e69def679 Code cleanup; Remove unused functions 2020-11-18 20:27:51 +01:00
Paul Fultz II e8c1c792a5
Fix issue 9987: false positive: danglingTempReference with && variable and assignment (#2907) 2020-11-17 06:52:12 +01:00
Rikard Falkeborn 324e267559
getSizeOf: Handle long double (#2888) 2020-11-11 22:51:17 +01:00
Daniel Marjamäki 7182da5c8e astyle formatting 2020-11-11 09:17:54 +01:00
Paul Fultz II bd7e915c20
Add generic reverse valueflow (#2878) 2020-11-10 16:00:55 +01:00
Daniel Marjamäki 88a35d2253 Fix CodeQL warning, Multiplication result converted to larger type 2020-11-06 19:50:05 +01:00
Rikard Falkeborn d7a8e25d92
Fix #9647: Set correct enum value (#2856)
* Tokenize: Set varId for variables in enum

Set varIds in enum values. It was previously disabled in 5119ae84b8
to avoid issues with enums named the same as global variables. Take care
to only set varids to variables used to set the value of an enumerator,
not the enumerator itself. This is somewhat complicated by the fact that
at the time this happens, astOperand1(), astOperand2(), astParent() etc
are not set. The current implementation is not perfect, for example in
the code below, y will not have a varid set, but x and z will. This is
deemed sufficient for now.

            int x, y, z;
            enum E { a = f(x, y, z); };

* Fix #9647: Value of enums with variables as init values

C++ allows enum values to be set using constexprs, which cppcheck did
not handle before. To solve this, add a new pass to valueflow to update
enum values after global consts have been processed. In order to do so,
I moved all settings of enum values to valueflow. After setting the enum
values, we need another call to valueFlowNumber() to actually set users
of the enums.

There is still room for improvements, since each pass of
valueFlowGlobalConstVar() and valueFlowEnumValue() only sets variables
that are possible to set directly, and not if setting the value of a
variable allows us to set the value of another. For example

	constexpr int a = 5;
	constexpr int b = a + 5;
	enum E { X = a };
	constexpr E e = X;

Here both b and e will not have their values set, even though cppcheck
should be possible to figure out their values. That's for another PR
though.

This was tested by running test-my-pr.py with 500 packages. The only
difference was one error message in fairy-stockfish_11.1, where cppcheck
now printed the correct size of an array instead of 2147483648 which I
assume is some kind of default value. In that package, using a constexpr
when setting enum values is common, but as mentioned, there was no
change in the number of warnings.
2020-10-22 07:45:04 +02:00
Paul Fultz II 64638d82bb
Fix issue 9945: FP: containerOutOfBounds (#2845) 2020-10-22 07:41:52 +02:00
Armin Müller 08cef9e815
Typos found by running "codespell" (#2846) 2020-10-15 19:24:13 +02:00
Paul Fultz II 047c3ed6ba
Fix issue 9935: FP: knownConditionTrueFalse value flow doesn't account for virtual functions (#2839) 2020-10-09 17:21:27 +02:00
Paul Fultz II 372161c89b
Fix issue 9939: False positive: Reference to temporary returned (static variable) (#2840) 2020-10-06 09:16:54 +02:00
Daniel Marjamäki 17e562a87f astyle formatting
[ci skip]
2020-10-03 11:02:11 +02:00
Paul 828a5e2326 Fix issue 9930: valueFlowLifetime hang 2020-10-03 11:01:53 +02:00
Paul Fultz II d9eacaecbb
Fix issue 9842: ValueFlow: wrong handling of ?, seems to think that the whole expression is a condition (#2821) 2020-09-23 07:45:03 +02:00
Oliver Stöneberg 7189b303ae
fixed some modernize-loop-convert clang-tidy warnings (#2815) 2020-09-21 19:30:47 +02:00
Paul Fultz II 857722f859
Fix issue 9711: FP knownConditionTrueFalse for variable modified via pointer (#2813) 2020-09-20 14:27:09 +02:00
Paul Fultz II c2e8051196
Fix issue 9904: False positive: duplicateCondition when modifying variable in lambda (#2811) 2020-09-18 07:44:26 +02:00
Paul Fultz II e5d0ffdbe7
Fix issue 9900: False positive: Returning lambda that captures local variable 'x' that will be invalid when returning. (#2809) 2020-09-17 08:33:52 +02:00
Paul Fultz II 11c99d7387
Fix issue 9880: False positive: danglingLifetime (#2810) 2020-09-17 07:23:38 +02:00
Paul Fultz II ebbff08932
Fix issue 9899: False positive: Non-local variable will use object that points to local variable (#2808) 2020-09-15 07:11:52 +02:00
Paul Fultz II bb7164171c
Fix issue 9894: ValueFlow: wrong known value below while with assignment (#2804)
* Fix issue 9894: ValueFlow: wrong known value below while with assignment
2020-09-14 08:03:25 +02:00
Daniel Marjamäki 600538a325
Merge pull request #2793 from Ken-Patrick/mixedoperators
Fix false positives with condition with || and &&
2020-09-11 10:11:31 +02:00
Daniel Marjamäki 92d65a1824 astyle formatting 2020-09-11 08:51:12 +02:00
Ken-Patrick Lehrmann a114bf0293 Fix false positives with condition with || and &&
The value of something in the middle of a condition with mixed || and &&
gives no information on which branch will be taken.
For instance with:
```
int f(int a, int b, bool x) {\n"
  if (a == 1 && (!(b == 2 && x))) {
  } else {
    if (x) {
    }
  }

  return 0;
}
```
We can enter the if part whether x is true or false, and similarly,
enter the else part whether x is true or false. Same thing with the
value of b.

This fixes the following false positive with above code:
```
:4:13: style: Condition 'x' is always true [knownConditionTrueFalse]
        if (x) {
            ^
:2:33: note: Assuming that condition 'x' is not redundant
    if (a == 6 && (!(b == 21 && x))) {
                                ^

```
2020-09-10 23:27:39 +02:00
Paul bb9dbaa8f5 Format 2020-09-09 21:32:07 -05:00
Paul 75b955b9c6 Fix issue 9833: False positive: Division by zero when using pointer to struct 2020-09-09 21:29:26 -05:00
Paul Fultz II 34d65e25d6
Merge branch 'main' into lifetime-subfunction 2020-09-09 12:02:02 -05:00
Daniel Marjamäki 687b44dbb7 Token: add flag for splitted variable declaration with initialization 2020-09-09 16:22:47 +02:00
Daniel Marjamäki b1401c6536
Merge pull request #2789 from pfultz2/smart-ptr-constructor
Fix issue 9496: False negative: Dereferencing returned smart null-pointer
2020-09-09 08:16:30 +02:00
Paul 965fea370f Formatting 2020-09-08 21:55:53 -05:00
Paul 382408f59e Fix issue 9496: False negative: Dereferencing returned smart null-pointer 2020-09-08 21:54:38 -05:00
Paul 8d7088aa24 Fix issue 9835: False negative: Return reference to temporary with const reference 2020-09-08 18:30:45 -05:00
Paul 8c425790f4 Merge branch 'main' into lifetime-subfunction 2020-09-08 13:18:01 -05:00
Daniel Marjamäki 18e99176e5
Fix issue 9883: endless recursion in getLifetimeTokens (#2786) 2020-09-08 20:14:54 +02:00
Paul Fultz II 5099ca3c8b
Fix issue 9882: segfault in ForwardTraversal (#2785) 2020-09-08 20:14:10 +02:00
Paul d5489fd1f0 Fix issue 9883: endless recursion in getLifetimeTokens 2020-09-08 11:33:29 -05:00
Paul 1be67ea008 Merge 2020-09-08 11:00:57 -05:00
Daniel Marjamäki 0c6dc84cbb astyle formatting
[ci skip]
2020-09-07 10:56:02 +02:00
Paul Fultz II 362ab44c40
Fix issue 9646: False negative: Return reference to temporary with const reference (#2782) 2020-09-07 10:52:54 +02:00
Daniel Marjamäki c7aed8bd0e astyle formatting 2020-09-06 07:47:17 +02:00
Daniel Marjamäki b0b31feadd fix ubsan errors 2020-09-05 21:09:11 +02:00
Daniel Marjamäki a102574e3f astyle formatting 2020-09-05 08:00:51 +02:00
Paul Fultz II cc2bc74084
Track lifetime for lambdas with explicit capture (#2776) 2020-09-05 07:56:01 +02:00
Paul bb37b07def Extend lifetimes to subfunctions 2020-09-04 11:56:34 -05:00
shaneasd 84dd0c961f
False positive dynamic_cast auto variable which has been checked against null (#2769) 2020-09-04 07:06:26 +02:00
Paul Fultz II 03cefd5d70
Fix issue 9853: False positive: returnReference when using a pointer to container (#2765) 2020-09-02 20:01:08 +02:00
Paul Fultz II 32df807b22
Fix issue 9783: wrong lifetime analysis temporary assigned to object (#2711) 2020-09-02 07:13:15 +02:00
Daniel Marjamäki 8e79b0c8bc astyle formatting
[ci skip]
2020-09-01 20:00:04 +02:00
Paul Fultz II ba84196dca
Fix issue 9865: false positive: knownConditionTrueFalse (#2764) 2020-09-01 11:22:38 +02:00
Paul Fultz II 1c5f496350
Fix issue 8373: false negative: invalid iterator (#2761) 2020-08-31 08:46:56 +02:00
Daniel Marjamäki 18c29544eb astyle formatting 2020-08-28 19:29:33 +02:00
Paul Fultz II 6ab3c93fb1
Fix issue 9756: false negative: invalid iterator from std::find_if (#2760) 2020-08-28 19:29:09 +02:00
Paul Fultz II 82bdbcd73b
Fix issue 9859: false positive: knownConditionTrueFalse (#2759) 2020-08-28 19:26:09 +02:00
Paul Fultz II 494fff65b7
Add outOfBounds check for iterators to containers (#2752) 2020-08-26 21:05:17 +02:00
Daniel Marjamäki bb5cad42cd astyle formatting
[ci skip]
2020-08-26 10:15:09 +02:00
Paul Fultz II ec89c57a90
Fix issue 9849: false positive: containerOutOfBounds (#2753) 2020-08-25 07:12:41 +02:00
Paul Fultz II 02287d9d34
Fix issue 7324: valueFlowForward : decrement (#2737) 2020-08-24 13:10:36 +02:00
Daniel Marjamäki 2bb73840fc astyle formatting 2020-08-23 17:17:33 +02:00
Paul Fultz II ac846b96d1
New check: Iterating a known empty container (#2740) 2020-08-22 09:16:26 +02:00
Daniel Marjamäki e0e70c2531 Fixed compiler warnings 2020-08-21 17:23:55 +02:00
Paul 7776fb82a2 Fix issue 737: new check: Dereference end iterator 2020-08-17 16:36:45 -05:00
Paul a509de4d70 Add moves 2020-08-11 11:50:27 -05:00
Paul 8c7e91c985 Remove old container forward 2020-08-10 22:09:33 -05:00
Paul 71c228a01a Check for containers that modify the size using square bracket 2020-08-10 22:07:22 -05:00
Paul a5b0a1c9e2 Evaluate container size in program memory 2020-08-10 20:08:49 -05:00
Paul fec2914700 Add tests for container changes 2020-08-09 22:52:03 -05:00
Paul 26693df788 Use forward analyzer for container forward 2020-08-08 00:10:03 -05:00
Daniel Marjamäki b263b93f73
Merge pull request #2732 from pfultz2/invalid-container-subobj
Fix issue 9780: FP: invalidContainer calling push_back after getting the address of the vector
2020-08-07 09:52:25 +02:00
Paul 56affc9080 Fix issue 9780: FP: invalidContainer calling push_back after getting the address of the vector 2020-08-06 21:08:30 -05:00
Paul 0cc1f69862 Fix issue 9770: FP returnDanglingLifetime for class method taking const char* and returning std::string 2020-08-05 23:17:35 -05:00
Daniel Marjamäki fa32624c93 ValueFlow: Avoid UB in shift when rhs is negative 2020-07-25 14:13:21 +02:00
Ken-Patrick LEHRMANN a923115710 Add missing operators <<= and >>=
This fixes issues (at least false positives) in code using them.
For instance:

```
unsigned compute(unsigned long long a) {
    unsigned num = 0;
    while (a > 0xFFFFFFFF) {
      a >>= 32;
      num += 32;
    }
    if (a > 0xFFFF) {
      a >>= 16;
      num += 16;
    }
    if (a > 0xFF) {
      num += 8;
    }
    return num;
}
```

would give false positive:
```
cppcheck --enable=style  sl3.cpp
Checking sl3.cpp ...
sl3.cpp:11:11: style: Condition 'a>0xFF' is always false [knownConditionTrueFalse]
    if (a > 0xFF) {
          ^
sl3.cpp:3:14: note: Assuming that condition 'a>0xFFFFFFFF' is not redundant
    while (a > 0xFFFFFFFF) {
             ^
sl3.cpp:11:11: note: Condition 'a>0xFF' is always false
    if (a > 0xFF) {
          ^
```
2020-07-23 14:36:34 +02:00
Daniel Marjamäki 25ad22c6af astyle formatting
[ci skip]
2020-07-23 10:09:06 +02:00
Daniel Marjamäki df99d8aa0a
Merge pull request #2719 from pfultz2/fp-unreachable-alias
Fix issue 9807: False positive: ValueFlow in unreachable code, || lhs is true
2020-07-23 09:52:54 +02:00
Daniel Marjamäki 2fd44fa464
Merge pull request #2710 from pfultz2/fp-invalid-container-pointer
Fix issue 9796: False positive: lifetime, pointer item is not deallocated by pop_back
2020-07-22 09:24:54 +02:00
Paul 0def5d7a9a Reduce variable scope 2020-07-21 19:09:58 -05:00
Paul dbb410cdae Merge branch 'main' into condition-in-expr 2020-07-21 13:28:59 -05:00
Paul 38e1b57bc9 Use refs 2020-07-21 13:18:45 -05:00
Paul e2a81a382f Track reading aliases during valueflow forward 2020-07-19 23:25:35 -05:00
Paul 831690f89b Use parseDecl instead 2020-07-16 14:33:39 -05:00
Paul 423dcfd005 Fix issue 9796: False positive: lifetime, pointer item is not deallocated by pop_back 2020-07-15 12:22:36 -05:00
Daniel Marjamäki 1567ccf97b
Merge pull request #2700 from pfultz2/afterConditionFunction
Extend scope of afterCondition until end of function
2020-06-30 08:28:08 +02:00
Paul 67e06c18a9 Use the already available function scope 2020-06-29 15:36:01 -05:00
Daniel Marjamäki f34ff9325a Fixed testrunner 2020-06-29 21:53:14 +02:00
Daniel Marjamäki a0770f05e1 Reuse 'extractForLoopValues' in ValueFlow 2020-06-29 21:01:43 +02:00
Paul 07d8cb4f01 Extend scope of afterCondition until end of function 2020-06-29 11:55:59 -05:00
Paul d5b6d49d96 Fix issue 9578: false negative: (style) Condition '...' is always false 2020-06-28 15:28:08 -05:00
Ken-Patrick Lehrmann 5a3789a23f 9769: Improve value flow for ternary operator
In some cases, the condition of the ternary operator is assigned a known
value after the two possible results, and in such cases, we would not
take the opportunity to assign a value to the ternary operator (and to
the other parents in the ast).
This patch adds this capability.
2020-06-20 10:29:28 +02:00
Daniel Marjamäki 2b0e4926bc valueFlowAfterAssign: variable initialization 2020-06-14 21:14:05 +02:00
Daniel Marjamäki 6600453b44 Try to make Travis happy 2020-06-13 07:45:31 +02:00
Paul Fultz II 3109d16b42
Fix issue 9742: FP iterators3 for address of reference to vector in struct (#2668) 2020-06-01 08:53:08 +02:00
Paul Fultz II eb4754b7d9
Fix issue 9587: False positive: parameter can be declared with const (#2667) 2020-05-31 10:10:10 +02:00
Daniel Marjamäki d64631219b Fixed #9741 (Wrong value for sizeof) 2020-05-28 21:24:48 +02:00
Paul Fultz II c9798590ba
Fix issue 9701: False positive. 3rd expression in for uses comma operator. (#2664) 2020-05-28 07:41:47 +02:00
Oliver Stöneberg 4f68d85633
optimized non-matchcompiled Token::simpleMatch() a bit (#2640) 2020-05-26 20:13:56 +02:00
Daniel Marjamäki ff17cc2e8f astyle formatting
[ci skip]
2020-05-24 10:52:58 +02:00
Paul Fultz II bbe6157e16
Fix issue 9712: False positive: Returning pointer to local variable when return line implicitly cast to return type (#2662) 2020-05-23 23:12:00 +02:00
Oliver Stöneberg 37bc0483a4
made check.h less heavy (#2633) 2020-05-23 07:16:49 +02:00
Paul Fultz II 0832830a95
Fix issue 9721: ValueFlow: Comparison is always false, but ValueFlow says it is always true (#2658) 2020-05-23 07:15:13 +02:00
Daniel Marjamäki 4c5310433c astyle formatting
[ci skip]
2020-05-22 08:48:28 +02:00
Paul Fultz II 8301fa8244
Fix issue 8144: valueFlowBeforeCondition: struct (#2645) 2020-05-21 08:47:48 +02:00
Ken-Patrick Lehrmann a96a879b6d
Fix crash in addons/test/test-misra.py (#2652) 2020-05-20 16:02:13 +02:00
Daniel Marjamäki 299e11c991 Fixed Cppcheck warnings 2020-05-19 21:55:28 +02:00
PKEuS dc701276de Optimizations to ValueFlow and ForwardAnalyzer:
- Remove errorPath of a value on assignment (this fixes enormous memory consumption for code with many subsequent assignments)
- De-virtualized a simple get function that was virtual for no reason
- Cloned function isAliasOf() for single values to avoid instantiating unnecessary std::list objects (
- Replaced a couple of trivial Token::Match/simpleMatch expressions by direct comparison
- Treat enumerators as literal values
2020-05-19 21:07:04 +02:00
PKEuS 793ed68029 Refactorization: Moved code from header to source
- from utils.h to new utils.cpp
- from token.h to token.cpp
- from valueflow.h to valueflow.cpp
- from errorlogger.h to errorlogger.cpp
2020-05-19 08:35:12 +02:00
Oliver Stöneberg e0e50139cb
cleaned up includes based on include-what-you-use (#2632)
* cleaned up includes based on include-what-you-use

* token.cpp: fixed -Wextra-semi-stmt warning
2020-05-10 16:45:45 +02:00
Daniel Marjamäki 08ddd84780 Update copyright year 2020-05-10 11:16:32 +02:00
Daniel Marjamäki 3e0218299b Revert "Update copyright year"
This reverts commit 6eec6c4bd5.
2020-05-10 11:13:05 +02:00
Daniel Marjamäki 6eec6c4bd5 Update copyright year 2020-05-10 11:11:34 +02:00
Oliver Stöneberg 1af959af2c
fixed -Wextra-semi-stmt Clang warnings (#2553)
* fixed -Wextra-semi-stmt Clang warnings

* adjusted REDIRECT macro to require a semicolon

* testmathlib.cpp: rolled back accidental change
2020-04-21 17:27:51 +02:00
Daniel Marjamäki e8bbfdbfee Fixed #9559 (Multiple checks to std::atomic are not redundant) 2020-04-19 17:29:40 +02:00
Paul Fultz II e2efb338b6
Fix issue 9678: False positive: generic valueflow forward analysis (#2611) 2020-04-19 08:28:07 +02:00
Daniel Marjamäki efb583e3d1 astyle formatting
[ci skip]
2020-04-04 10:31:38 +02:00
Oliver Stöneberg 8968edeabd
avoid unnecessary creation of lists in SingleValueFlowForwardAnalyzer.isAlias() and MultiValueFlowForwardAnalyzer.isAlias() (#2586)
Comparing before and after (Ir per call) when scanning the Cppcheck source:
SingleValueFlowForwardAnalyzer.isAlias()
1246 -> 1101
MultiValueFlowForwardAnalyzer.isAlias()
4202 -> 1617
2020-04-03 09:25:21 +02:00
Paul Fultz II 71deaaeb18
Fix issue 9608: False Positive: returnDanglingLifetime with braced-init-list (#2583) 2020-04-02 10:17:58 +02:00
Paul Fultz II 6cc58e1086
Set a max for the combination of arguments that can be passsed through valueFlowSubFunction (#2579)
* Set a max for the combination of arguments that can be passsed

* Skip mismatch path ids when computing the cross product
2020-04-01 22:33:09 +02:00
Paul Fultz II f2527f5340
Fix crash in valueFlowForLoopSimplifyAfter (#2573) 2020-03-20 07:16:05 +01:00
orbitcowboy 85a26802e3 Running astyle [ci skip] 2020-03-01 20:39:00 +01:00
Paul Fultz II 6ea4f60600
Enable valueFlowSubfunction for multiple parameters (#2550) 2020-03-01 16:46:20 +01:00
Oliver Stöneberg 1863ccb0a7
fixed Clang warnings about unused variables (#2554) 2020-02-26 14:52:43 +01:00
Paul Fultz II 392060aefe
Fix issue 7804: ValueFlow: possible value in second if body (#2543) 2020-02-19 07:55:04 +01:00
Daniel Marjamäki 95ac456e13 Fixed #9582 (false positive "error: Out of bounds access" with std::array and constant) 2020-02-19 07:36:02 +01:00
Armin Müller 75b1ade316
Typos found by running "codespell" (#2542) 2020-02-17 18:28:58 +01:00
Paul Fultz II 3b20684aca
Fix issue 9360: False positive: arrayIndexOutOfBounds when function is called with different array sizes (#2541) 2020-02-17 10:31:08 +01:00
amai2012 efeb7deb7a Run dmake and astyle 2020-02-16 19:58:09 +01:00
Paul Fultz II 921887a281
Use valueFlowGeneric for valueFlowForwardExpression (#2537) 2020-02-16 16:02:22 +01:00
Daniel Marjamäki e04b9fe4a4 Remove unused functions 2020-02-14 20:37:33 +01:00
Daniel Marjamäki 5f4a900f88 astyle formatting
[ci skip]
2020-02-13 17:04:05 +01:00
Paul Fultz II 7368a54629
Add generic valueflow forward analysis (#2511) 2020-02-13 16:27:06 +01:00
Daniel Marjamäki 3ec03b8915 Fixed #9571 (False positive: containerSize) 2020-02-12 18:53:36 +01:00
Paul Fultz II 8fa7dd0fe0
Fix issue 9595: False positive: Using pointer to temporary doesn't account for const ref extended temporary lifetimes (#2525) 2020-02-10 18:01:11 +01:00
Daniel Marjamäki 2b336ac147 Refactoring; stricter lambda capture 2020-02-01 08:28:18 +01:00
Daniel Marjamäki 6c1cc54671 Refactoring; Avoid template<> 2020-02-01 08:24:31 +01:00
Rikard Falkeborn 0bb98aeef9 Fix 9577 (endless recursion in Valueflow::bifurcate()) (#2492)
Ensure bifurcate() does not recurse endlessly where a variable is
initialized recursively, or a variable is initialized as x(0) or x{0}
followed by a recursive assignment (for example int x(0); x = x / 1;).

The first case is solved by bailing out if there initialization is done
using x(0) or x{0}, the second by adding a missing depth argument to a
recursive call.
2020-01-17 03:17:26 +01:00
Daniel Marjamäki 380cc78077 Clang; Run ValueFlow 2020-01-11 14:00:41 +01:00
Daniel Marjamäki 6b983a9587 Revert ValueFlow changes, there was unexpected problems in testrunner 2020-01-11 13:11:19 +01:00
Daniel Marjamäki 052eaba632 Clang; run ValueFlow analysis 2020-01-11 13:04:51 +01:00
Daniel Marjamäki 96ff57e275 ValueFlow; Refactoring 2020-01-11 09:17:32 +01:00
Daniel Marjamäki a9dbf129f0 Clang import; some small tweaks 2020-01-09 13:52:17 +01:00
Daniel Marjamäki 1589ac5352 Clang import; Set links properly 2020-01-09 12:42:29 +01:00
Paul Fultz II 90f82d0374 Fix issue 9541: false negative: knownConditionTrueFalse (#2473)
* Fix issue 9541: false negative: knownConditionTrueFalse

* Add another test case

* Add another test

* Fix FPs

* Format

* Fix compile error

* Remove double conditions

* Fix compile error
2020-01-05 16:25:33 +01:00
Paul Fultz II e1a97c524d Fix issue 9554: False positive: The address of local variable 'x' is accessed at non-zero index. (#2470)
* Fix issue 9554: False positive: The address of local variable 'x' is accessed at non-zero index.

* Format

* Remove unnecesary condition check
2020-01-04 11:39:52 +01:00
Paul Fultz II 82c91f9484 Fix issue 9550: False positive: Same iterator is used with containers 'x' that are defined in different scopes (#2463) 2019-12-31 08:09:04 +01:00
Paul Fultz II 75de485c4d Fix issue 9551: Out-of-bounds in getLifetimeTokens() (#2461) 2019-12-29 08:23:58 +01:00
Daniel Marjamäki 31bddb6ae0 astyle formatting
[ci skip]
2019-12-26 15:48:29 +01:00
Paul Fultz II ce1fc56e96 Fix issue 6890: ValueFlow: min/max value for variable, after condition (#2460)
* Set bounds when combining values

* Adust bounds when they are negated

* Try to infer conditional values

* Switch false and true

* Fix checking of conditions

* Fix compare

* Fix remaining tests

* Fix overflows
2019-12-26 15:47:53 +01:00
Paul Fultz II 42d44f02a2 Use lifetime analysis for checking mismatching containers (#2456)
* Use lifetimes to check for mismatching containers

* Fix error messages

* Format

* Remove unused variables

* Fix configuration and track iterators through algorithms

* Fix iterator value types in qt config

* Fix library issue with QStringList

* Remove unused functions

* Fix cppcheck errors
2019-12-25 09:32:50 +01:00
Daniel Marjamäki fe23d017f3 Fixed #8419 (False positive accessMoved on int) 2019-12-21 07:39:14 +01:00
Daniel Marjamäki 33ec78fe6e Fixed #9036 (false positive: (style) Condition 's.x<127U' is always true) 2019-12-20 19:06:35 +01:00
Daniel Marjamäki a241be0ecc Fixed #9434 (False positive: Out of bounds access when using const pointer) 2019-12-15 20:10:28 +01:00
Daniel Marjamäki bcfc5924fa Fixed #9532 (False positive: Out of bounds access in expression 'v[0]' because 'v' is empty.) 2019-12-14 19:04:19 +01:00
Rikard Falkeborn 1c92170179 ValueFlow: Remove unused argument (#2442) 2019-12-10 17:48:27 +01:00
Sebastian 95e0b0d0f9
Fix #9510: Crash in valueflow.cpp solveExprValues() (division by zero) (#2420)
`break` if divider `intval` is 0 to avoid division by 0 as suggested by @pfultz2
Trac ticket: https://trac.cppcheck.net/ticket/9510
2019-12-06 08:08:40 +01:00
versat e712df7cb4 Run astyle [ci skip] 2019-12-04 13:53:10 +01:00
Paul Fultz II 36977becba Fix issue 9196: Lambda confuses check (#2415) 2019-12-03 18:30:52 +01:00
Paul Fultz II 79a2e61721 Fix issue 6850: Valueflow: pointer alias, conditional value (#2402) 2019-11-30 09:22:03 +01:00
Paul Fultz II f9d33c07f8 Fix issue 9458: Crash with shadow variables in a lambda (#2406)
* Fix issue 9458: Crash with shadow variables in a lambda

* Format
2019-11-29 09:45:02 +01:00
Paul Fultz II 4ebf54d090 Fix issue 9437: Dont assume init list constructor for strings (#2366)
* Fix issue 9437: Dont assume init list constuctor for strings

* Update the schema

* Add documentation
2019-11-17 03:22:04 +01:00
Paul Fultz II 7841430793 Fix issue 9428: FP uninitvar for pointer passed to sscanf (#2344)
* Add indirect to library cfg files

* Check indirect for non null arguments

* Reenable subfunction analysis

* Use indirect 1 when using not-null

* Parse correct string name

* Update documentation

* Make attribute optional
2019-11-13 12:46:54 +01:00
Paul Fultz II c75bbbe253 Fix issue 9404: False positive: Either the condition 'if(x)' is redundant or there is possible null pointer dereference: a->x (#2322)
* Fix issue 9404: False positive: Either the condition 'if(x)' is redundant or there is possible null pointer dereference: a->x

* Use simpleMatch

* Add a test case for the FP

* Check if expression is changed

* Check for no return scope

* Use simpleMatch
2019-11-08 08:11:41 +01:00
Paul Fultz II 2e955d0f22 Fix issue 9453: False positive: danglingLifetime, address of array argument (#2335) 2019-11-07 09:33:17 +01:00
Paul Fultz II d1f225b8ee Fix issue 9201: FP: returnDanglingLifetime on pointer to variable of static struct (#2303)
* Fix issue 9201: FP: returnDanglingLifetime on pointer to variable of static struct

* Fix capture of non-local variables in lambdas
2019-11-05 07:10:32 +01:00
Paul Fultz II c38bbb75e4 Fix issue 9448: Check for temporaries from library function calls (#2312) 2019-11-03 22:02:10 +01:00
Daniel Marjamäki 6e9d496ab3 ValueFlow: handling of char literal size before ValueType has been set 2019-10-31 14:06:46 +01:00
Paul Fultz II 694d147097 Refactor ProgramMemory and PathAnalysis (#2311)
* Traverse conditions for container size

* Move program memory to seperate file

* Revert "Traverse conditions for container size"

This reverts commit 914783769f.

* Move pathanalysis to seperate files
2019-10-30 17:57:46 +01:00
Rikard Falkeborn f83eb127ae ValueFlow: sizeof string and char literals (#2285) 2019-10-20 21:02:28 +02:00
Daniel Marjamäki 78c02f0505 ValueFlow: Fixed false positives after escape scope 2019-10-20 20:57:16 +02:00
Daniel Marjamäki e50b9e2bef Fixed #8784 (False positive uninitialized variable) 2019-10-20 15:20:05 +02:00
Rikard Falkeborn 5c061c1c12 Set correct type and size of string and char literals (#2275)
* Set correct type and size of string and char literals

Use that string and char literal tokens store the prefix. This makes
it possible to distinghuish between different type of string literals
(i.e., utf8 encoded strings, utf16, wide strings, etc) which have
different type.

When the tokens holding the string and character values have the correct
type, it is possible to improve Token::getStrSize() to give the correct
result for all string types. Previously, it would return the number of
characters in the string, i.e., it would give the wrong size unless
the type of the string was char*.

Since strings now can have different size (in number of bytes) and
length (in number of elements), add a new helper function that returns
the number of characters. Checkers have been updated to use the correct
functions.

Having the size makes it possible to find more problems with prefixed
strings, and to reduce false positives, for example in the buffer
overflow checker.

Also, improve the stringLiteralWrite error message to also print the
prefix of the string (if there is one).

* Add comment and update string length
2019-10-20 07:11:57 +02:00
Daniel Marjamäki 9a2b71494f ValueFlow: Set value for :: 2019-10-19 21:08:59 +02:00
Daniel Marjamäki e0093c99ce Fixed #9276 (False positive: ValueFlow does not handle return in switch properly.) 2019-10-18 16:16:56 +02:00
Daniel Marjamäki 3a0a0fdefb Fixed #9424 (False positive: known condition after function call) 2019-10-18 08:21:07 +02:00
Daniel Marjamäki 15d7b9c83f Fixed #9347 (FP uninitvar for pointer passed to sscanf) 2019-10-17 17:41:54 +02:00
Ken-Patrick Lehrmann 24211cf8b9 Fix crashes in valueflow (#2236)
* Fix crashes in valueflow

http://cppcheck1.osuosl.org:8000/crash.html

For instance in http://cppcheck1.osuosl.org:8000/styx
```
==19651==ERROR: AddressSanitizer: SEGV on unknown address 0x00000000001c (pc 0x556f21abc3df bp 0x7ffc140d2720 sp 0x7ffc140d2710 T0)
==19651==The signal is caused by a READ memory access.
==19651==Hint: address points to the zero page.
    #0 0x556f21abc3de in Variable::isGlobal() const ../lib/symboldatabase.h:342
    #1 0x556f221f801a in valueFlowForwardVariable ../lib/valueflow.cpp:2471
    #2 0x556f22208130 in valueFlowForward ../lib/valueflow.cpp:3204
    #3 0x556f221e9e14 in valueFlowReverse ../lib/valueflow.cpp:1892
    #4 0x556f221f1a43 in valueFlowBeforeCondition ../lib/valueflow.cpp:2200
    #5 0x556f2223dbb5 in ValueFlow::setValues(TokenList*, SymbolDatabase*, ErrorLogger*, Settings const*) ../lib/valueflow.cpp:6521
    #6 0x556f220e5991 in Tokenizer::simplifyTokens1(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&) ../lib/tokenize.cpp:2342
    #7 0x556f21d8d066 in CppCheck::checkFile(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, std::istream&) ../lib/cppcheck.cpp:508
    #8 0x556f21d84cd3 in CppCheck::check(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&) ../lib/cppcheck.cpp:192
    #9 0x556f21a28796 in CppCheckExecutor::check_internal(CppCheck&, int, char const* const*) ../cli/cppcheckexecutor.cpp:884
    #10 0x556f21a24be8 in CppCheckExecutor::check(int, char const* const*) ../cli/cppcheckexecutor.cpp:198
    #11 0x556f22313063 in main ../cli/main.cpp:95
```

* Add test case for crash in valueflow
2019-10-16 20:54:07 +02:00
Paul Fultz II 19cf636a4a Move necessary code into valuetype (#2265)
* Fix parsing of smart pointers

* Improve deduction of return type

* Valuetype computation for decayed pointers
2019-10-12 11:40:02 +02:00
Paul Fultz II 4eb4762d95 Extend lifetime checking to temporaries (#2242)
* Use lifetimes to check for returning reference to temporaries

* Check for dangling temporaries

* Check for unknown types for returining by reference

* Remove old returnTemporary check

* Format

* Check for deref op

* Ternary operator return an lvalue reference

* Warn when returning temporaries from member functions

* Improve handling of pointer to function

* Extend lifetimes of const references
2019-10-08 09:28:39 +02:00
Daniel Marjamäki 954e98cc03 astyle formatting
[ci skip]
2019-10-05 16:32:43 +02:00
Paul Fultz II cf1c766292 Fix issue 9317: False positive returnDanglingLifetime when using reference to constant inside if statement (#2241) 2019-10-05 16:32:20 +02:00
Paul Fultz II 997803869d Forward values after assignment in valueFlowReverse (#2226)
* Forward values after assignment in valueFlowReverse

* Rename variables

* Format
2019-10-03 09:58:57 +02:00
orbitcowboy f05e21efa8 Formatted the code, there are no functional changes [ci skip]. 2019-10-01 08:39:08 +02:00
Paul Fultz II 166bd2bafc Fix issue 2153: valueFlowAfterCondition: struct member (#2228)
* Fix issue 2153: valueFlowAfterCondition: struct member

* Fix null pointer dereference

* Formatting

* Check for another null pointer

* Initialize variables

* Remove redundant condition

* Format

* Add missing initialization to copy constructor

* Format
2019-09-30 21:04:43 +02:00
Armin Müller b4af8bdc2e Typos found by running "codespell" (#2227) 2019-09-29 21:23:19 +02:00
Daniel Marjamäki 2dc477571c Fix gcc compiler warnings 2019-09-28 20:50:56 +02:00
Oliver Stöneberg 1fa4df419a avoid some unnecessary copies in emplace_back() calls (#2194) 2019-09-28 20:22:46 +02:00
Daniel Marjamäki b55c587ab2 astyle formatting
[ci skip]
2019-09-26 10:32:49 +02:00
Paul Fultz II 597d0fa35b Support expression in valueFlowAfterCondition (#2219)
* Add valueFlowForwardExpression function to forward values of an expression

* Use token for expression

* Fix name in bailout message

* Handle expressions

* Add more tests for more expressions

* Add more tests

* Solve the expression if possible

* Formatting
2019-09-26 10:32:25 +02:00
Paul Fultz II 0df4876059 Fix issue 9367: FP knownConditionTrueFalse (#2209) 2019-09-24 08:15:03 +02:00
Paul Fultz II 1616282f6b Use fixed number of iterations for valueflow loop (#2205) 2019-09-23 19:35:39 +02:00
Paul Fultz II a903aa7070 Fix issue 9351: false negative: (style) Condition '...' is always true (#2201) 2019-09-23 08:49:04 +02:00
Paul Fultz II c1961cec1c Fix issue 9362: FP: (style) Condition '(v&1)==0' is always false (#2200) 2019-09-21 19:53:54 +02:00
Paul Fultz II 40f1635c35 Fix issue 9361: false positive: (style) Condition 'isdigit(c)!=0' is always true (#2199) 2019-09-21 08:19:54 +02:00
Paul Fultz II ad8abdb0c3 Add impossible values to ValueFlow (#2186)
* Add impossible category

* Replace values

* Try to adjust known values

* Add ! for impossible values

* Add impossible with possible values

* Remove contradictions

* Add values when the branch is not dead

* Only copy possible values

* Dont bail on while loops

* Load std lib in valueflow

* Check for function calls

* Fix stl errors

* Fix incorrect impossible check

* Fix heap-after-use error

* Remove impossible values when they are lowered

* Show the bound and remove overlaps

* Infer conditions

* Dont push pointer values through dynamic_cast

* Add test for dynamic_cast issue

* Add shifttoomanybits test

* Add test for div by zero

* Add a test for issue 9315

* Dont make impossible value inconclusive

* Fix FP with shift operator

* Improve handleKnownValuesInLoop for impossible values

* Fix cppcheck warning

* Fix impossible values for ctu

* Bailout for streams

* Check equality conditions

* Fix overflows

* Add regression test for 9332

* Remove duplicate conditions

* Skip impossible values for invalid value

* Check for null

* Rename bound to range

* Formatting
2019-09-20 15:06:37 +02:00
Paul Fultz II ba037837c9 Track lifetime across multiple returns
This will now warn when doing something like this:

```cpp
template <class T, class K, class V>
const V& get_default(const T& t, const K& k, const V& v) {
    auto it = t.find(k);
    if (it == t.end()) return v;
    return it->second;
}
const int& bar(const std::unordered_map<int, int>& m, int k) {
    auto x = 0;
    return get_default(m, k, x);
}
```

The lifetime warning is considered inconclusive in this case.

I also updated valueflow to no tinject inconclusive values unless `--inconclusive` flag is passed. This creates some false negatives because library functions are not configured to not modify their input parameters, and there are some checks that do not check if the value is inconclusive or not.
2019-09-11 19:25:09 +02:00
warmsocks a56bc006b7 Fixed a typo in lib/checkother.cpp. Corrected spelling errors found by codespell. (#2170) 2019-09-11 19:21:38 +02:00
Daniel Marjamäki bee30b0ca2 astyle formatting
[ci skip]
2019-09-10 19:42:17 +02:00
Paul Fultz II dc0b3527ad Fix issue 9311: False positive duplicateCondition "same if condition" with pointer inside array of struct (#2166)
* Check for typeOf through an array

* Handle array constructors

* Format

* Fix compile error on gcc 4.8
2019-09-10 19:41:35 +02:00
Paul Fultz II ddb1f1b5ce Try to fix issue 9341: daca crash: isContainerSizeChangedByFunction (#2168) 2019-09-10 19:39:44 +02:00
Paul Fultz II 27ebff7ae4 Add deeper analysis of when a function changes a containers size (#2149)
* Add deeper analysis of when a function changes a containers size

* Fix issues

* Track addressOf
2019-09-06 21:18:45 +02:00
Paul Fultz II 9e140831eb Fix issue 9329: FP knownConditionTrueFalse - vector modified by function calls (#2145) 2019-09-05 16:42:26 +02:00
Paul Fultz II 1afd56e964 Fix issue 8785: ValueFlow: Track pointer alias
This fixes the issue by making `ProgramMemory` keep track of values based on the conditions.

It also removes the `deadpointer` check since it duplicates the `invalidLifetime` check.
2019-09-03 17:16:15 +02:00
Paul Fultz II dc201d110d Fix issue 9274: false negative: (error) Buffer is accessed out of bounds (std::string, std::wstring) 2019-09-03 06:43:54 +02:00
Paul Fultz II cb509f1a8b Fix issue 4845: alias to vector element invalid after vector is changed (#2113)
* Try harder to track ref lifetimes

* Dont add lifetimes for references

* Use correct token

* Check for front and back as well

* Improve handling of addresses

* Formatting

* Fix FP
2019-09-02 06:58:09 +02:00
Paul Fultz II 121093658d Fix issue 9202: False positive: std::array, size is a constant (#2132) 2019-09-01 09:44:34 +02:00
Daniel Marjamäki 1a25d3f9ec astyle formatting
[ci skip]
2019-08-30 18:34:14 +02:00
Paul Fultz II 0b9e823fc8 Fix issue 9305: False positive uninitvar - struct initialized via function (#2123) 2019-08-30 18:32:45 +02:00
Paul Fultz II 2942be53f7 Add more tests for valueFlowUninit (#2124) 2019-08-30 08:41:17 +02:00
Paul Fultz II 03fe6795bf Fix issue 9302: FP uninitvar - struct accessed via pointer (#2121) 2019-08-29 08:38:50 +02:00
Daniel Marjamäki a47633c4b9 Added TODO comment 2019-08-26 06:56:29 +02:00
Paul Fultz II 5c488b9519 Fix issue 9190: FP uninitvar for struct member (#2112)
* Fix issue 9190: FP uninitvar for struct member

* Add more test cases

* Fix false negative
2019-08-24 11:27:47 +02:00
Paul Fultz II c0a8d628b9 Fix issue 6010: Uninitialized inner struct (#2098)
* Fix issue 6010: Uninitialized inner struct

* Show to root variable that is unitialized

* Warn on pointer dereferences
2019-08-23 06:23:20 +02:00
Paul Fultz II ee7fe3aaa1 Fix FP: Unitialized variable when using a pointer
This fixes the FP in cases like this:

```cpp
void f() {
    bool b;
    bool * x = &b;
    if (x != nullptr)
        x = 1;
}
```

It tracks the indirection of the uninit value in valueflow.
2019-08-17 07:36:41 +02:00
Paul Fultz II 3aef0c9bd3 Fix issue 8715: regression uninitvar not detected (#2092) 2019-08-16 07:48:54 +02:00
Paul Fultz II ef714225bb Use library to track container lifetimes 2019-08-15 21:14:54 +02:00
Daniel Marjamäki a57d22d2d9 astyle formatting
[ci skip]
2019-08-15 10:46:16 +02:00
Paul Fultz II af214e8212 Fix issue 8825: ValueFlow: uninitialized struct member (#2087)
* Pass uninit value across pointers

* Add more testing
2019-08-15 10:44:55 +02:00
Paul Fultz II 0c1dff5c93 Fix issue 9268: false negative: (style) Condition '...' is always true (#2080)
* Fix issue 9268: false negative: (style) Condition '...' is always true

* Fix copy and paste mistake
2019-08-14 06:34:27 +02:00
Paul Fultz II 13df5b2413 Fix FP with negative index and negated condition (#2081) 2019-08-14 06:32:31 +02:00
Paul Fultz II c0c6f92221 Fix issue 8431 and 8776: Size of constant string
Fixes these cases:

```cpp
void f(void) {
        const std::string msg="xyz";
        if(!msg.empty()){} // Always true
}
```

And out of bounds access:

```cpp
#include <string>
char fstr1(){const std::string s = "<a><b>"; return s[42]; }
wchar_t fwstr1(){const std::wstring s = L"<a><b>"; return s[42]; }
```
2019-08-12 20:24:16 +02:00
Paul Fultz II 68e8253920 Fix issue 8313 and 7326: Track values of pointer aliases in valueflow 2019-08-12 12:58:53 +02:00
Paul Fultz II 9aa97cbb95 Fix issue 8296: ValueFlow: value not set in conditional scope in subfunction (#2071)
* Fix issue 8296: ValueFlow: value not set in conditional scope in subfunction

* Refactor condition checkingg

* Make test case TODO
2019-08-11 15:39:37 +02:00
Paul Fultz II bd02ca5ccb Fix issue 9207: Not detected 'always true' and unreachable code 2019-08-08 07:46:47 +02:00
Paul Fultz II aaeec462e6 Re-enable valueFlowSubFunction (#2063)
* Re-enable valueFlowSubFunction

* Formatting

* Skip ternary operators in subfunctions

* Fix test with iostreams

* Fix FP with multiple parameters
2019-08-05 16:26:32 +02:00
Paul Fultz II ffdd2dc793 Fix issue 8924: Re-enable valueFlowTerminatingCondition 2019-08-05 07:18:06 +02:00
Daniel Marjamäki ce53931d00 Fixed #9251 (False positive: unininitialized variable (multi variables)) 2019-08-03 21:12:34 +02:00
amai2012 f02636e995 Refactoring: Convert enums to enum classes 2019-08-02 21:14:29 +02:00
Daniel Marjamäki e8ec6e6f11 Fixed #8349 (Noisy nullPointerRedundantCheck) 2019-07-27 20:03:06 +02:00
Paul Fultz II b049fd9303 Improve propogation of lifetimes of function arguments
This will now warn for cases like this:

```cpp
int* f(int * x) {
    return x;
}
int * g(int x) {
    return f(&x);
}
````
2019-07-26 07:02:07 +02:00
Daniel Marjamäki 45d1ca6f7c Safe checks: Clarify a warning message 2019-07-25 17:19:51 +02:00
Daniel Marjamäki fb7f18ddea ValueFlow: fix false detection of duplicate values 2019-07-24 12:30:33 +02:00
Daniel Marjamäki cab9f61b79 safe checks: Handle float parameters 2019-07-24 12:09:13 +02:00
Daniel Marjamäki e0738c48d2 simplify code 2019-07-24 11:40:51 +02:00
Daniel Marjamäki 10be2a1941 Safe checks: container parameters 2019-07-24 11:39:35 +02:00
Paul Fultz II 3ec3bd52e0 Fix FP when using a pointer to a container (#2029) 2019-07-24 00:04:49 +02:00
Paul Fultz II ab0fcc7640 Fix issue 9216: reset() method confusion (#2025)
* Fix issue 9216 with smart pointer reset

* Check for arrow
2019-07-23 22:45:58 +02:00
Paul Fultz II 60b670babd Fix issue 9219: False positive, returnDanglingLifetime (#2026)
* Check for pointer deref for container methods

* Formatting
2019-07-23 21:59:05 +02:00
Paul Fultz II a08a9c1349 Switch to use lifetime analysis for iterators and pointers to invalid containers
This will diagnose more issues such as:

```cpp
void f(std::vector<int> &v) {
    auto v0 = v.begin();
    v.push_back(123);
    std::cout << *v0 << std::endl;
}
```
2019-07-18 10:56:44 +02:00
Daniel Marjamäki f0aeb845e5 ValueFlow: Clarify warnings when argument min/max values are used 2019-07-17 22:17:34 +02:00
Daniel Marjamäki b4a05a3dd0 Refactoring: Use enum class 2019-07-16 11:12:35 +02:00
Daniel Marjamäki 32eda27391 Refactoring: Use enum class 2019-07-16 10:51:26 +02:00
Daniel Marjamäki 38182bf37b Replace 'unsigned' with 'nonneg' in valueflow 2019-07-15 13:47:17 +02:00